From d153093ba28279aa3540bee3298eb5d9356f68aa Mon Sep 17 00:00:00 2001 From: Luke Dashjr Date: Fri, 15 Nov 2019 05:36:24 +0000 Subject: [PATCH 1/4] net: Add blockfilters white{bind,list} permission flag --- src/init.cpp | 10 ++++++++++ src/net_permissions.cpp | 2 ++ src/net_permissions.h | 7 ++++++- src/net_processing.cpp | 3 +++ 4 files changed, 21 insertions(+), 1 deletion(-) diff --git a/src/init.cpp b/src/init.cpp index faaf3353d0..98470bccd8 100644 --- a/src/init.cpp +++ b/src/init.cpp @@ -1876,10 +1876,13 @@ bool AppInitMain(NodeContext& node, interfaces::BlockAndHeaderTipInfo* tip_info) return InitError(ResolveErrMsg("bind", bind_arg)); } + NetPermissionFlags all_permission_flags{NetPermissionFlags::None}; + for (const std::string& strBind : args.GetArgs("-whitebind")) { NetWhitebindPermissions whitebind; bilingual_str error; if (!NetWhitebindPermissions::TryParse(strBind, whitebind, error)) return InitError(error); + NetPermissions::AddFlag(all_permission_flags, whitebind.m_flags); connOptions.vWhiteBinds.push_back(whitebind); } @@ -1926,6 +1929,7 @@ bool AppInitMain(NodeContext& node, interfaces::BlockAndHeaderTipInfo* tip_info) ConnectionDirection connection_direction; bilingual_str error; if (!NetWhitelistPermissions::TryParse(net, subnet, connection_direction, error)) return InitError(error); + NetPermissions::AddFlag(all_permission_flags, subnet.m_flags); if (connection_direction & ConnectionDirection::In) { connOptions.vWhitelistedRangeIncoming.push_back(subnet); } @@ -1934,6 +1938,12 @@ bool AppInitMain(NodeContext& node, interfaces::BlockAndHeaderTipInfo* tip_info) } } + if (NetPermissions::HasFlag(all_permission_flags, NetPermissionFlags::BlockFilters_Explicit)) { + if (g_enabled_filter_types.count(BlockFilterType::BASIC) != 1) { + return InitError(_("Cannot grant blockfilters permission without -blockfilterindex.")); + } + } + connOptions.vSeedNodes = args.GetArgs("-seednode"); // Initiate outbound connections unless connect=0 diff --git a/src/net_permissions.cpp b/src/net_permissions.cpp index 8f0042c141..60a90b1305 100644 --- a/src/net_permissions.cpp +++ b/src/net_permissions.cpp @@ -12,6 +12,7 @@ using common::ResolveErrMsg; const std::vector NET_PERMISSIONS_DOC{ "bloomfilter (allow requesting BIP37 filtered blocks and transactions)", + "blockfilters (serve compact block filters to peers per BIP157)", "noban (do not ban for misbehavior; implies download)", "forcerelay (relay transactions that are already in the mempool; implies relay)", "relay (relay even in -blocksonly mode, and unlimited transaction announcements)", @@ -48,6 +49,7 @@ static bool TryParsePermissionFlags(const std::string& str, NetPermissionFlags& if (commaSeparator != std::string::npos) readen++; // We read "," if (permission == "bloomfilter" || permission == "bloom") NetPermissions::AddFlag(flags, NetPermissionFlags::BloomFilter); + else if (permission == "blockfilters" || permission == "compactfilters" || permission == "cfilters") NetPermissions::AddFlag(flags, NetPermissionFlags::BlockFilters_Explicit); else if (permission == "noban") NetPermissions::AddFlag(flags, NetPermissionFlags::NoBan); else if (permission == "forcerelay") NetPermissions::AddFlag(flags, NetPermissionFlags::ForceRelay); else if (permission == "mempool") NetPermissions::AddFlag(flags, NetPermissionFlags::Mempool); diff --git a/src/net_permissions.h b/src/net_permissions.h index 33babd6204..280cbbd559 100644 --- a/src/net_permissions.h +++ b/src/net_permissions.h @@ -41,10 +41,15 @@ enum class NetPermissionFlags : uint32_t { // unlimited amounts of addrs. Addr = (1U << 7), + // Can query compact filters even if -peerblockfilters is false + BlockFilters = (1U << 8), + // Used to avoid an error when All is used to set BlockFilters + BlockFilters_Explicit = BlockFilters | (1U << 9), + // True if the user did not specifically set fine-grained permissions with // the -whitebind or -whitelist configuration options. Implicit = (1U << 31), - All = BloomFilter | ForceRelay | Relay | NoBan | Mempool | Download | Addr, + All = BloomFilter | ForceRelay | Relay | NoBan | Mempool | Download | Addr | BlockFilters, }; static inline constexpr NetPermissionFlags operator|(NetPermissionFlags a, NetPermissionFlags b) { diff --git a/src/net_processing.cpp b/src/net_processing.cpp index 13ea3a29be..32a440b378 100644 --- a/src/net_processing.cpp +++ b/src/net_processing.cpp @@ -1728,6 +1728,9 @@ void PeerManagerImpl::InitializeNode(const CNode& node, ServiceFlags our_service if (NetPermissions::HasFlag(node.m_permission_flags, NetPermissionFlags::BloomFilter)) { our_services = static_cast(our_services | NODE_BLOOM); } + if (NetPermissions::HasFlag(node.m_permission_flags, NetPermissionFlags::BlockFilters)) { + our_services = static_cast(our_services | NODE_COMPACT_FILTERS); + } PeerRef peer = std::make_shared(nodeid, our_services); { From aa2885797e9a5c8c613171ed95e7a02de4b0b226 Mon Sep 17 00:00:00 2001 From: Luke Dashjr Date: Sun, 7 Jun 2020 22:48:26 +0000 Subject: [PATCH 2/4] Include "blockfilters" in NetPermissions::ToStrings as appropriate --- src/net_permissions.cpp | 1 + src/test/netbase_tests.cpp | 3 ++- test/functional/p2p_permissions.py | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/net_permissions.cpp b/src/net_permissions.cpp index 60a90b1305..28054db825 100644 --- a/src/net_permissions.cpp +++ b/src/net_permissions.cpp @@ -94,6 +94,7 @@ static bool TryParsePermissionFlags(const std::string& str, NetPermissionFlags& std::vector NetPermissions::ToStrings(NetPermissionFlags flags) { std::vector strings; + if (NetPermissions::HasFlag(flags, NetPermissionFlags::BlockFilters)) strings.emplace_back("blockfilters"); if (NetPermissions::HasFlag(flags, NetPermissionFlags::BloomFilter)) strings.emplace_back("bloomfilter"); if (NetPermissions::HasFlag(flags, NetPermissionFlags::NoBan)) strings.emplace_back("noban"); if (NetPermissions::HasFlag(flags, NetPermissionFlags::ForceRelay)) strings.emplace_back("forcerelay"); diff --git a/src/test/netbase_tests.cpp b/src/test/netbase_tests.cpp index 3422cb8023..50a2561fb8 100644 --- a/src/test/netbase_tests.cpp +++ b/src/test/netbase_tests.cpp @@ -465,7 +465,8 @@ BOOST_AUTO_TEST_CASE(netpermissions_test) BOOST_CHECK_EQUAL(connection_direction, ConnectionDirection::Both); const auto strings = NetPermissions::ToStrings(NetPermissionFlags::All); - BOOST_CHECK_EQUAL(strings.size(), 7U); + BOOST_CHECK_EQUAL(strings.size(), 8U); + BOOST_CHECK(std::find(strings.begin(), strings.end(), "blockfilters") != strings.end()); BOOST_CHECK(std::find(strings.begin(), strings.end(), "bloomfilter") != strings.end()); BOOST_CHECK(std::find(strings.begin(), strings.end(), "forcerelay") != strings.end()); BOOST_CHECK(std::find(strings.begin(), strings.end(), "relay") != strings.end()); diff --git a/test/functional/p2p_permissions.py b/test/functional/p2p_permissions.py index c881dd6ff4..36f81702f4 100755 --- a/test/functional/p2p_permissions.py +++ b/test/functional/p2p_permissions.py @@ -81,7 +81,7 @@ class P2PPermissionsTests(BitcoinTestFramework): self.checkpermission( # all permission added ["-whitelist=all@127.0.0.1"], - ["forcerelay", "noban", "mempool", "bloomfilter", "relay", "download", "addr"]) + ["blockfilters", "forcerelay", "noban", "mempool", "bloomfilter", "relay", "download", "addr"]) for flag, permissions in [(["-whitelist=noban,out@127.0.0.1"], ["noban", "download"]), (["-whitelist=noban@127.0.0.1"], [])]: self.restart_node(0, flag) From a0d0807abc25d5f29b6466b296a5c659c26d0592 Mon Sep 17 00:00:00 2001 From: Luke Dashjr Date: Sun, 7 Jun 2020 22:52:06 +0000 Subject: [PATCH 3/4] Refactor to avoid conflicts in new p2p permissions --- src/net_permissions.h | 1 + src/test/netbase_tests.cpp | 23 ++++++++++++++--------- test/functional/p2p_permissions.py | 11 ++++++++++- 3 files changed, 25 insertions(+), 10 deletions(-) diff --git a/src/net_permissions.h b/src/net_permissions.h index 280cbbd559..3b26cc0967 100644 --- a/src/net_permissions.h +++ b/src/net_permissions.h @@ -22,6 +22,7 @@ constexpr bool DEFAULT_WHITELISTRELAY = true; constexpr bool DEFAULT_WHITELISTFORCERELAY = false; enum class NetPermissionFlags : uint32_t { + // NOTE: When adding here, be sure to update net_permissions.cpp's NetPermissions::ToStrings too None = 0, // Can query bloomfilter even if -peerbloomfilters is false BloomFilter = (1U << 1), diff --git a/src/test/netbase_tests.cpp b/src/test/netbase_tests.cpp index 50a2561fb8..d3a73ec9b4 100644 --- a/src/test/netbase_tests.cpp +++ b/src/test/netbase_tests.cpp @@ -465,15 +465,20 @@ BOOST_AUTO_TEST_CASE(netpermissions_test) BOOST_CHECK_EQUAL(connection_direction, ConnectionDirection::Both); const auto strings = NetPermissions::ToStrings(NetPermissionFlags::All); - BOOST_CHECK_EQUAL(strings.size(), 8U); - BOOST_CHECK(std::find(strings.begin(), strings.end(), "blockfilters") != strings.end()); - BOOST_CHECK(std::find(strings.begin(), strings.end(), "bloomfilter") != strings.end()); - BOOST_CHECK(std::find(strings.begin(), strings.end(), "forcerelay") != strings.end()); - BOOST_CHECK(std::find(strings.begin(), strings.end(), "relay") != strings.end()); - BOOST_CHECK(std::find(strings.begin(), strings.end(), "noban") != strings.end()); - BOOST_CHECK(std::find(strings.begin(), strings.end(), "mempool") != strings.end()); - BOOST_CHECK(std::find(strings.begin(), strings.end(), "download") != strings.end()); - BOOST_CHECK(std::find(strings.begin(), strings.end(), "addr") != strings.end()); + const std::vector expected_strings{ + "blockfilters", + "bloomfilter", + "forcerelay", + "relay", + "noban", + "mempool", + "download", + "addr", + }; + BOOST_CHECK_EQUAL(strings.size(), expected_strings.size()); + for (const auto& expected : expected_strings) { + BOOST_CHECK(std::find(strings.begin(), strings.end(), expected) != strings.end()); + } } BOOST_AUTO_TEST_CASE(netbase_dont_resolve_strings_with_embedded_nul_characters) diff --git a/test/functional/p2p_permissions.py b/test/functional/p2p_permissions.py index 36f81702f4..98123d22b4 100755 --- a/test/functional/p2p_permissions.py +++ b/test/functional/p2p_permissions.py @@ -81,7 +81,16 @@ class P2PPermissionsTests(BitcoinTestFramework): self.checkpermission( # all permission added ["-whitelist=all@127.0.0.1"], - ["blockfilters", "forcerelay", "noban", "mempool", "bloomfilter", "relay", "download", "addr"]) + [ + "blockfilters", + "forcerelay", + "noban", + "mempool", + "bloomfilter", + "relay", + "download", + "addr", + ]) for flag, permissions in [(["-whitelist=noban,out@127.0.0.1"], ["noban", "download"]), (["-whitelist=noban@127.0.0.1"], [])]: self.restart_node(0, flag) From d3bcf469ce47348fdb17f3929eb72195203bbab5 Mon Sep 17 00:00:00 2001 From: Luke Dashjr Date: Thu, 12 Nov 2020 02:03:28 +0000 Subject: [PATCH 4/4] Diff-minimise --- src/net_permissions.h | 1 - src/test/netbase_tests.cpp | 23 +++++++++-------------- 2 files changed, 9 insertions(+), 15 deletions(-) diff --git a/src/net_permissions.h b/src/net_permissions.h index 3b26cc0967..280cbbd559 100644 --- a/src/net_permissions.h +++ b/src/net_permissions.h @@ -22,7 +22,6 @@ constexpr bool DEFAULT_WHITELISTRELAY = true; constexpr bool DEFAULT_WHITELISTFORCERELAY = false; enum class NetPermissionFlags : uint32_t { - // NOTE: When adding here, be sure to update net_permissions.cpp's NetPermissions::ToStrings too None = 0, // Can query bloomfilter even if -peerbloomfilters is false BloomFilter = (1U << 1), diff --git a/src/test/netbase_tests.cpp b/src/test/netbase_tests.cpp index d3a73ec9b4..50a2561fb8 100644 --- a/src/test/netbase_tests.cpp +++ b/src/test/netbase_tests.cpp @@ -465,20 +465,15 @@ BOOST_AUTO_TEST_CASE(netpermissions_test) BOOST_CHECK_EQUAL(connection_direction, ConnectionDirection::Both); const auto strings = NetPermissions::ToStrings(NetPermissionFlags::All); - const std::vector expected_strings{ - "blockfilters", - "bloomfilter", - "forcerelay", - "relay", - "noban", - "mempool", - "download", - "addr", - }; - BOOST_CHECK_EQUAL(strings.size(), expected_strings.size()); - for (const auto& expected : expected_strings) { - BOOST_CHECK(std::find(strings.begin(), strings.end(), expected) != strings.end()); - } + BOOST_CHECK_EQUAL(strings.size(), 8U); + BOOST_CHECK(std::find(strings.begin(), strings.end(), "blockfilters") != strings.end()); + BOOST_CHECK(std::find(strings.begin(), strings.end(), "bloomfilter") != strings.end()); + BOOST_CHECK(std::find(strings.begin(), strings.end(), "forcerelay") != strings.end()); + BOOST_CHECK(std::find(strings.begin(), strings.end(), "relay") != strings.end()); + BOOST_CHECK(std::find(strings.begin(), strings.end(), "noban") != strings.end()); + BOOST_CHECK(std::find(strings.begin(), strings.end(), "mempool") != strings.end()); + BOOST_CHECK(std::find(strings.begin(), strings.end(), "download") != strings.end()); + BOOST_CHECK(std::find(strings.begin(), strings.end(), "addr") != strings.end()); } BOOST_AUTO_TEST_CASE(netbase_dont_resolve_strings_with_embedded_nul_characters)